Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 28

You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly. What is the best nmap command you will use?

nmap -T4 -F 10.10.0.0/24 

nmap -T4 -r 10.10.1.0/24 

nmap -T4 -O 10.10.0.0/24 

nmap -T4 -q 10.10.0.0/24

SHOW ANSWER

Suppose you've gained access to your client's hybrid network. On which port should you listen to in order to know which Microsoft Windows workstations has its file sharing enabled?

1433 

161 

445 

3389

SHOW ANSWER

The company ABC recently discovered that their new product was released by the opposition before their premiere. They contract an investigator who discovered that the maid threw away papers with confidential information about the new product and the opposition found it in the garbage. What is the name of the technique used by the opposition?

Hack attack 

Sniffing 

Dumpster diving 

Spying

SHOW ANSWER

When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it. What should you do?

 Forward the message to your company's security response team and permanently delete the message from your computer. 

Reply to the sender and ask them for more information about the message contents. 

Delete the email and pretend nothing happened 

Forward the message to your supervisor and ask for her opinion on how to handle the situation

SHOW ANSWER

Which of the following is a symmetric cryptographic standard?

DSA 

PKI 

RSA

3DES 

SHOW ANSWER

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?

Do not reply to email messages or popup ads asking for personal or financial information 

Do not trust telephone numbers in e-mails or popup ads 

Review credit card and bank account statements regularly 

Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks 

Do not send credit card numbers, and personal or financial information via e-mail

SHOW ANSWER

ICMP ping and ping sweeps are used to check for active systems and to check

 if ICMP ping traverses a firewall. 

the route that the ICMP ping took. 

the location of the switchport in relation to the ICMP ping. 

the number of hops an ICMP ping takes to reach a destination. 

SHOW ANSWER

While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?

 Packet filtering firewall 

Application-level firewall 

Circuit-level gateway firewall 

Stateful multilayer inspection firewall

SHOW ANSWER

DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switches leverages the DHCP snooping database to help prevent man-in-themiddle attacks?

Port security 

A Layer 2 Attack Prevention Protocol (LAPP) 

Dynamic ARP inspection (DAI) 

Spanning tree

SHOW ANSWER

What would you enter, if you wanted to perform a stealth scan using Nmap?

nmap -sU 

nmap -sS 

nmap -sM 

nmap -sT

SHOW ANSWER

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

The victim user must open the malicious link with an Internet Explorer prior to version 8. 

The session cookies generated by the application do not have the HttpOnly flag set. 

The victim user must open the malicious link with a Firefox prior to version 3. 

The web application should not use random tokens.

SHOW ANSWER

What is the best Nmap command to use when you want to list all devices in the same network quickly after you successfully identified a server whose IP address is 10.10.0.5?

 nmap -T4 -F 10.10.0.0/24 

nmap -T4 -q 10.10.0.0/24 

nmap -T4 -O 10.10.0.0/24 

nmap -T4 -r 10.10.1.0/24

SHOW ANSWER

In Wireshark, the packet bytes panes show the data of the current packet in which format?

Decimal

ASCII only

Binary 

Hexadecimal

SHOW ANSWER

While doing a Black box pen test via the TCP port (80), you noticed that the traffic gets blocked when you tried to pass IRC traffic from a web enabled host. However, you also noticed that outbound HTTP traffic is being allowed. What type of firewall is being utilized for the outbound traffic?

 Stateful 

 Application 

Circuit

Packet Filtering

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in